Disclosed are various embodiments for using distributed ledgers to assist in securely developing applications. An application component comprising a component file can be received from a validation client. It can then be determined that the application component complies with a security policy. In response to a determination that the application component complies with the security policy, an endorsed application component record can be generated that comprises the component file or a network address at which the component file is obtainable and a signature for the component file generated with an asymmetric key-pair stored in the memory. The endorsed application component record can then be stored in the distributed ledger.
Legal claims defining the scope of protection, as filed with the USPTO.
4. The system of claim 3, wherein the security attribute for the software component file identifies a potential security vulnerability within the software component file.
5. The system of claim 1, wherein the use indicator specifies a condition on use of the software component file.
6. The system of claim 1, wherein the use indicator specifies a type of application that can use the software component file.
7. The system of claim 1, wherein the software component file comprises human-readable code executable by an interpreter.
9. The method of claim 8, wherein a copy of the source-code component file is stored in the distributed ledger and the method further comprises sending a copy of the source-code component file stored in the distributed ledger in the response indicating that access to the source-code component file is approved.
10. The method of claim 8, wherein the request to access the source-code component file comprises an identifier for the source-code component file and determining that the endorsed application component record is located in the distributed ledger further comprises searching the distributed ledger for an entry in the distributed ledger that comprises the identifier for the source-code component file.
14. The method of claim 8, wherein the request to access the source-code component file further comprises an application identifier, and the method further comprises determining that the application identifier matches a respective application identifier include in a list of approved software applications in the endorsed application component record.
18. The system of claim 15, wherein the request further comprises an application identifier for the software application in which the software component file will be included.
19. The system of claim 15, wherein the request indicates how the software component file will be used by the software application.
20. The system of claim 15, wherein the software application comprises a web page and the software component file comprises an executable script that will be inserted into the web page.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
April 16, 2020
June 27, 2023
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.